summaryrefslogtreecommitdiffstats
path: root/usr.sbin/tcpdump/print-gre.c (follow)
Commit message (Collapse)AuthorAgeFilesLines
* add geneve option printing.dlg2020-08-171-3/+63
| | | | mostly modelled on the nsh md2 printing.
* don't need to shift the vxlan vni twice.dlg2020-08-171-2/+2
|
* add initial support for handling geneve packets.dlg2020-08-171-1/+98
| | | | | | | it's like vxlan, but different. the most interesting difference to vxlan is that the protocol adds support for adding optional metadata to packets (like nsh). this diff currently just skips that stuff and just handles the payload. for now.
* add support for printing RfC 2332 NBMA Next Hop Resolution Protocol (NHRP)remi2020-04-151-1/+7
| | | | ok dlg@
* - (void)printf() -> printf(); the cast adds clutter for little value.procter2020-01-241-3/+3
| | | | | | | | | | - fprintf(stdout, ...) -> printf() - fputs(x, stdout) -> printf(); for consistency. fputs is twice as fast on atom x5-Z8300@1.44GHz but Amdahl sees a pure printf tcpdump only 2% slower than a pure fputs (for constant strings) tcpdump to /dev/null across a 20MB/~170k packet pcap file. ok dlg@ for fputs and ok tedu@ krw@ deraadt@ a2k19 for the rest
* add support for printing RFC 8300 Network Service Header (NSH)dlg2019-12-031-2/+8
| | | | ok deraadt@
* add support for VXLAN-GPE as per draft-ietf-nvo3-vxlan-gpe-08.dlg2019-12-021-32/+79
| | | | | it's nicely backwards compatible, so we can use the same code for both vxlan and vxlan-gpe.
* support -T erspan so arbitrary gre protocols can be seen as erspandlg2019-05-261-1/+9
| | | | | | | this lets me configure a custom gre protocol on a dell s4810 or s5048 and see what's inside it when it lands on an openbsd box. ok lteo@
* handle ERSPAN type Idlg2019-05-171-4/+10
| | | | | | | | | | type I and II share their GRE protocol, but you tell them apart by checking if a sequence number is used. type I does not use a sequence number and contains a bare ethernet frame. type II contains a sequence number and a shim header that is already handled by the code. tested with a Dell S5048F-ON and an encapsulated remote port mirror setup.
* print the gre protocol number as hex when vflag is enableddlg2019-04-051-1/+4
| | | | | this is useful for telling the MPLSes apart, and generally understanding what you're seeing.
* support printing cdp over gre and pppdlg2019-04-051-1/+4
| | | | ok deraadt@ mpi@ sthen@
* print MPLS_MCAST as mpls, rather than unknowndlg2019-04-021-1/+2
| | | | | | | | | | | | The caveat with this is that MPLS and MPLS_MCAST look exactly the same. I could prefix the MCAST line with "multicast" or something, but like everything else in MPLS the meaning of that protocol type is supposed to have changed. It's no longer meant to indicate multicast mpls, but mpls with a label selected by an upstream. So what's the right thing to do? noticed by Mitchell Krome, who used this breakage to identify another problem, which won't happen anymore.
* handle Cisco's Encapsulated Remote Switch Port Analyzer (ERSPAN) protocoldlg2019-02-051-1/+104
| | | | | | | | | ERSPAN II is an 8 byte header before an ethernet payload. the switch at work doesnt produce erspan III, so I haven't handled that yet. this at least let's me see what's on the wire so i can contemplate how i want to deal with the payload. based on draft-foschiano-erspan-03
* add support for vxlan packets.dlg2018-07-061-1/+62
| | | | | I personally think vxlan looks suspiciously like gre, so I put the parser in print-gre.c
* recognise MikroTik's Ethernet over IP (eoip) protocoldlg2018-05-281-19/+97
| | | | | | | | | | eoip is a twisted gre based protocol using version 1 like pptp, but a different protocol id. this splits the gre 1 protocol handling up so it doesn't assume that all packets are pptp, but decides between eoip and pptp based on the protocol field. unknown protocols are unknown rather that assumed to be pptp. ok sthen@
* make the gre flowid output always 2 chars so payloads stay lined up.dlg2018-02-241-2/+2
|
* use ether_tryprint, which looks inside the ether packet.dlg2018-02-091-2/+2
| | | | ether_print just prints the ether header.
* it turns out the wccp header is optionaldlg2018-02-091-14/+21
| | | | | peek inside the payload to see if the first nibble looks like ipv4. if it isnt ipv4 assume it is the wccp header.
* have a go at decoding cisco wccp gre packets, and let them fall into IP.dlg2018-02-081-1/+34
|
* recognise gre proto 0 as a "keep alive" packetdlg2018-02-081-1/+4
|
* shorten the output for gre keys.dlg2018-02-071-3/+3
|
* rework ppp, pptp, and gre parsing.dlg2018-02-061-100/+127
| | | | | | | | | | | | | | | | | | | | | | this started cos i was looking at pptp, which came out like this: 23:52:00.197893 call 24 seq 7: gre-ppp-payload (gre encap) 23:52:00.198930 call 1 seq 7 ack 7: gre-ppp-payload (gre encap) now it looks like this: 23:52:00.197893 20.0.0.2 > 20.0.0.1: pptp callid 24 seq 7: 17.1.1.122 > 40.0.0.2: icmp: echo request 23:52:00.198930 20.0.0.1 > 20.0.0.2: pptp callid 1 seq 7 ack 7: 40.0.0.2 > 17.1.1.122: icmp: echo reply the big improvement in ppp parsing is it stops parsing based on what the ppp headers say, rather than what bytes have been captured. this also adds parsing of EAP packets. DLT_PPP_SERIAL is now recognised and printed. gre now prints the outer addresses always, not just when it's encapsulated by ipv6 or -v is passed to tcpdump. ok sthen@
* teach tcpdump some more things about gre.dlg2016-12-131-29/+62
| | | | | | | | | gre can be encapsulated in ipv6. gre can encapsulate ipv6, mpls, and ethernet. nvgre is based on gre, so if the header could be nvgre print the vsid and flow id as well as the key. ok stsp@
* Cap the GRE packet len to tcpdump's snap len, fixes a segfault.jca2015-11-051-1/+4
| | | | From Kevin Reay, ok sthen@
* When fetching the GRE version, use GRE_VERS and not a naked "7" as mask.jca2015-11-051-2/+2
| | | | From Kevin Reay
* Replace <sys/param.h> with <limits.h> and other less dirty headers wherederaadt2015-01-161-2/+1
| | | | | | | | | possible. Annotate <sys/param.h> lines with their current reasons. Switch to PATH_MAX, NGROUPS_MAX, HOST_NAME_MAX+1, LOGIN_NAME_MAX, etc. Change MIN() and MAX() to local definitions of MINIMUM() and MAXIMUM() where sensible to avoid pulling in the pollution. These are the files confirmed through binary verification. ok guenther, millert, doug (helped with the verification protocol)
* No use for <netinet/in_systm.h> nor <netinet/tcpip.h>.mpi2014-08-141-2/+1
|
* last bit of clause 3 & 4 nuking for me.jason2003-06-031-6/+1
|
* o for gre version 1, correctly check if kp (key present) is unset.fgsch2002-10-301-13/+13
| | | | | | | | o remove trailing spaces for better output. o print sequence, acknowledge and callid as unsigned, and remove key from version 1 since it's actually the payload length (not including the gre header). jason@ ok.
* Handle RFC2637 (PPTP defines an enhanced GRE... *sigh*)jason2002-09-181-9/+118
|
* Fully decode source routing elements defined in rfc1702jason2002-09-181-1/+102
|
* Rewrite from scratch: same basic functionality, but better license andjason2002-09-181-102/+115
| | | | knows how to skip routing info and process the rest of the packet.
* Add $OpenBSD$. (jakob@ ok)ho2000-10-031-1/+3
|
* *** empty log message ***bitblt1996-12-121-0/+141
Copyright © 1996 – 2023 Jason A. Donenfeld. All Rights Reverse Engineered.